comp koci

1

comp koci

offline
  • Pridružio: 09 Avg 2008
  • Poruke: 80

Ovaj problem sam objavio u delu foruma windows. Posle nekih pokusaja predlozeno mi je da problem objasnim u ambulanti. O cemu se radi. Pre nedelju dana primetio sam da mi comp koci. Pomislio sam na viruse i skenirao Nodom i nije bilo virusa. Posle toga skeniram sa Malvare bytesom i nema virusa. To krece sve od podizanja windowsa. Sporije, pa cekam da ukucam svoju lozinku, pa zatim kada se otvori desk, cesto cekam da se pojave ikone, gageti itd. Kada hocu desnim klikom nesto da obrisem, cekam na otvaranje prozora da bih isao na opciju delete. Nekada to sve brze radi, nekada ovako kako opisujem. Kada krene da brise neki file opet usporeno a nekada brze. Stro se tice browsera i na operi i na chrome sporije se otvaraju stranice. Takodje i slike na nekoj sportskoj stranici. A nekada opet brze. Sto se tice neta, ne znam mnogo o tome osim da imam ADSL cetiri klika. Kakvi su vam jos podaci potrbni morate da mi kazete i gde da pogledam da bih vam rekao vise. U delu forima windows sam okacio slike o ram memoriji, grafickoj, o konfiguraciji dok smo pokusavali da resimo ovaj problem. Ako je to opet potrebno, uradicu. Na kraju saljem ove izvestaje, nadam se da sam dobro uradio i da vam je to potrebno.

mycity.rs/must-login.png

offline
  • Pridružio: 09 Avg 2008
  • Poruke: 80

Napisano: 08 Feb 2014 15:11

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.51.2
Run by Dragan i Vanja at 14:24:27 on 2014-02-08
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8169.5306 [GMT 1:00]
.
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera_crashreporter.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\LogonUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.rs/
uLocal Page = about:blank
uWindow Title = Microsoft Internet Explorer
uDefault_Search_URL = hxxp://www.google.com
mStart Page = about:blank
mLocal Page = about:blank
mSearch Bar = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: FlashCatchBHO Class: {88618A96-6D8A-42E7-B932-9073D5B2080F} - C:\Program Files (x86)\FlashCatch\flashcatch.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
TB: FlashCatch: {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - C:\Program Files (x86)\FlashCatch\flashcatch.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
TB: FlashCatch: {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - C:\Program Files (x86)\FlashCatch\flashcatch.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: LastPass - C:\Users\Dragan i Vanja\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass ?????????? ????????? - <no file>
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {D4418F40-2F3C-4E69-ACB7-8EED4BDA679E} - C:\Program Files (x86)\FreshDevices\FreshDownload\fd.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{8E2252CA-35FA-43CC-852D-4FF86CB993C4} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mLocal Page = about:blank
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=mkg030&p=
FF - prefs.js: browser.startup.homepage - google.com
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Verimatrix\ViewRight Web\npViewRight.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\Dragan i Vanja\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Dragan i Vanja\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\Dragan i Vanja\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Users\Dragan i Vanja\AppData\Roaming\TorrentStream\player\npts_plugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2011-8-4 62496]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-8-3 17720]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-1-12 27800]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2011-8-4 38288]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-13 203776]
R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2011-8-9 202576]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-8-9 974944]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-13 366640]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-12-14 39056]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-1-28 1141336]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [2013-12-16 23552]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-1-12 2656280]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-1-12 115216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2013-1-12 76912]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-13 25912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 vvftav;vvftav;C:\Windows\System32\drivers\vvftav.sys [2013-12-7 300800]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-13 1255736]
S3 ZSMC0305;A4 TECH PC Camera V;C:\Windows\System32\drivers\usbVM305.sys [2013-1-12 1541120]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-02-08 12:50:04 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-02-08 12:49:52 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-08 00:35:55 -------- d-----w- C:\ProgramData\Licenses
2014-02-08 00:35:22 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2014-02-05 20:06:37 -------- d-----w- C:\Users\Dragan i Vanja\AppData\Roaming\Nevosoft
2014-02-05 09:41:20 5556104 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-02-04 22:13:39 -------- d-----w- C:\Users\Dragan i Vanja\AppData\Roaming\Opera Software
2014-02-04 22:13:39 -------- d-----w- C:\Users\Dragan i Vanja\AppData\Local\Opera Software
2014-02-02 23:05:23 -------- d-----w- C:\Users\Dragan i Vanja\AppData\Roaming\8Floor
2014-02-01 14:03:42 -------- d-----w- C:\Users\Dragan i Vanja\AppData\Local\Emtion
2014-01-31 19:13:57 -------- d-----w- C:\Users\Dragan i Vanja\AppData\Roaming\SMIGames
2014-01-31 18:35:08 -------- d-----w- C:\Program Files (x86)\MyRealGames.com
2014-01-29 17:21:09 -------- d-----w- C:\Users\Dragan i Vanja\Mushroom Age
2014-01-29 16:14:00 -------- d-----w- C:\Windows\pss
2014-01-28 10:02:24 -------- d-----w- C:\Users\Dragan i Vanja\AppData\Roaming\DominiGames
2014-01-27 03:04:10 -------- d-----w- C:\Temp
2014-01-26 20:51:17 -------- d-----w- C:\Users\Dragan i Vanja\AppData\Roaming\RealNetworks
2014-01-26 20:51:11 -------- d-----w- C:\Users\Dragan i Vanja\AppData\Roaming\OpenCandy
2014-01-26 20:50:50 -------- d-----w- C:\Program Files (x86)\RealNetworks
2014-01-26 20:50:21 153672 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppl3260.dll
2014-01-26 20:50:10 144968 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprpplugin.dll
2014-01-26 14:17:37 -------- d-----w- C:\Program Files (x86)\Greatis
2014-01-23 09:30:53 -------- d-----w- C:\Users\Dragan i Vanja\AppData\Roaming\4 Friends Games
2014-01-18 20:55:51 2179584 ----a-w- C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll
2014-01-15 20:20:04 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M ====================
.
2014-02-05 09:41:33 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-05 09:41:33 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-28 01:23:54 505416 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-01-28 01:23:54 353864 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-12-07 17:51:23 46080 ----a-w- C:\Windows\SysWow64\vvftctrl.dll
2013-12-07 17:51:21 176128 ----a-w- C:\Windows\amcap.exe
2013-02-05 19:21:26 14794312 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2010-01-26 09:11:08 444283 ----a-w- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
.
============= FINISH: 14:25:22,89 ===============

Dopuna: 08 Feb 2014 15:12

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12.1.2013 22:58:07
System Uptime: 8.2.2014 8:50:54 (6 hours ago)
.
Motherboard: ECS | | H61H2-M2
Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz | CPU 1 | 2600/400mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 146 GiB total, 89,316 GiB free.
D: is FIXED (NTFS) - 195 GiB total, 192,542 GiB free.
E: is FIXED (NTFS) - 195 GiB total, 182,925 GiB free.
F: is FIXED (NTFS) - 394 GiB total, 369,906 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP526: 4.2.2014 23:08:04 - Before uninstalling Opera 12.16
RP527: 6.2.2014 0:50:57 - Before uninstalling Google Chrome
RP528: 6.2.2014 19:36:53 - Before uninstalling Mysteryville
RP529: 6.2.2014 23:51:02 - Before uninstalling Sky Fight WW2
RP530: 8.2.2014 1:41:08 - Before uninstalling SpywareBlaster 5.0
RP531: 8.2.2014 14:14:05 - Before uninstalling Spybot - Search & Destroy
.
==== Installed Programs ======================
.
A4 TECH PC Camera V
Adobe AIR
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06)
Adobe Shockwave Player 12.0
AMD Drag and Drop Transcoding
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
Avidemux 2.5
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CDBurnerXP
Christmas Mahjong
(zabranjeno)lock 3.9.44
Deadly Stars
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Easy Video Splitter 1.28
ESET Smart Security
Facebook Video Calling 2.0.0.447
FlashCatch
foobar2000 v1.1.11
FormatFactory 3.0.1
Foxit Reader
Google Chrome
Google Talk Plugin
Google Update Helper
Horizon33
HydraVision
HyperCam 2
Index of TV version 1.5
Intel(R) Management Engine Components
Java 7 Update 51
Java Auto Updater
Java(TM) 7 Update 5
JavaFX 2.1.1
K-Lite Codec Pack 6.6.0 (Basic)
LastPass(uninstall only)
lightshot-4.4.2.10
Malwarebytes' Anti-Malware verzija 1.51.0.1200
Microsoft .NET Framework 4.5.1
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero BurnLite 10
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
neroxml
Notepad++
Opera Stable 19.0.1326.59
Photo Notifier and Animation Creator
Plants Vs. Zombies
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
RealUpgrade 1.1
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Simple Adblock
Skype™ 6.11
Smart Defrag 2
SMPlayer 0.8.6
swMSM
Text Opener 0.1
The KMPlayer (remove only)
Time Adjuster STANDARD 3.1
Torrent Stream 2.0.8.12
Transcribe! 8.21
Ultra Video Splitter 5.1.0713
Unity Web Player
Unlocker 1.9.1-x64
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
UpdateService
USB PC Camera VC305
uTorrent REPACK 3.3.2 Build 30303
VDownloader 3.0.733
ViewRight Web PC
VLC media player 2.0.6
VLC media player 2.1.2
WeatherBlink Toolbar Chrome Extension
Windows Driver Package - Atheros (L1C) Net (09/27/2010 1.0.0.36)
Windows Media Player Firefox Plugin
WinPcap 4.1.1
WinRAR 4.01 (32-bit)
WinRAR 4.01 (64-bit)
WMV9/VC-1 Video Playback
Yahoo! Software Update
Your Uninstaller! 7
.
==== Event Viewer Messages From Past Week ========
.
7.2.2014 1:47:20, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
6.2.2014 23:58:21, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
5.2.2014 12:37:49, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
5.2.2014 12:37:48, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5.2.2014 12:37:48, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5.2.2014 12:37:48, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
5.2.2014 12:37:48, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
5.2.2014 12:37:47, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5.2.2014 12:37:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5.2.2014 12:37:11, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avkmgr CSC DfsC discache ehdrv EpfwLWF NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
5.2.2014 12:37:11, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
5.2.2014 12:37:11, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5.2.2014 12:37:11, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5.2.2014 12:37:11, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5.2.2014 12:37:11, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5.2.2014 12:37:10, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5.2.2014 12:37:10, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5.2.2014 12:37:10, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
5.2.2014 12:37:10, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5.2.2014 12:37:10, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5.2.2014 12:36:51, Error: sptd [4] - Driver detected an internal error in its data structures for .
5.2.2014 12:32:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
3.2.2014 7:24:45, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3.2.2014 7:24:45, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
.
==== End Of File ===========================

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Preuzmi Farbar-ov Farbar Recovery Scan Tool () sa ove adrese na Desktop:
Postoji 32-bit. i 64-bitna verzija. Potrebno je preuzeti verziju koja je kompatibilna sa tvojim sistemom.
Ako nisi siguran koja verzija se odnosi na tvoj sistem, preuzmi ih obe i pokreni. Samo jedan od njih će raditi na tvom sistemu, to će biti prava verzija.


dvoklikom pokreni program, kada se alat pokrene klikni Yes na Disclaimer prozor;
pod Optional Scan sekciji, označi List BCD i Driver MD5 polja;
klikni na dugme Scan;
po završetku skeniranja, alat će formirati izveštaj (FRST.txt) u isti direktorijum gde je FRST alat sačuvan;
iskopiraj sadržaj FRST.txt izveštaja u poruku;
po prvom pokretanju, alat bi trebao formirati i dodatni izveštaj (Addition.txt);
okači Addition.txt izveštaj uz poruku koristeći opciju Prikači fajl

offline
  • Pridružio: 09 Avg 2008
  • Poruke: 80

Napisano: 08 Feb 2014 16:14

mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by Dragan i Vanja (administrator) on DRAGANIVANJA-PC on 08-02-2014 16:03:13
Running from C:\Users\Dragan i Vanja\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4030008 2011-08-09] (ESET)
HKU\S-1-5-21-2024050745-2613658826-3340665874-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)
HKU\S-1-5-21-2024050745-2613658826-3340665874-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2024050745-2613658826-3340665874-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.rs/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8ABE7C7E13F1CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 - {2158996A-B7F6-4702-ABA7-0336CC0A100F} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2158996A-B7F6-4702-ABA7-0336CC0A100F} URL = startsear.ch/?src=sp&aff=67&cf=ab14.....4ed&q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll (Simple Adblock)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: FlashCatchBHO Class - {88618A96-6D8A-42E7-B932-9073D5B2080F} - C:\Program Files (x86)\FlashCatch\flashcatch.dll (Level 9 Technology, Inc.)
BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
Toolbar: HKLM-x32 - FlashCatch - {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - C:\Program Files (x86)\FlashCatch\flashcatch.dll (Level 9 Technology, Inc.)
Toolbar: HKLM-x32 - No Name - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - No File
Toolbar: HKCU - No Name - {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default
FF NewTab: chrome://fvd.speeddial/content/fvd_about_blank.html
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.4.61 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.7.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.7.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.7.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.4.61 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb - C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Dragan i Vanja\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dragan i Vanja\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dragan i Vanja\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @torrentstream.net/tsplugin,version=2.0.8.12 - C:\Users\Dragan i Vanja\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dragan i Vanja\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: @verimatrix.com/ViewRightWeb - C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll (Verimatrix, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\Dragan i Vanja\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dragan i Vanja\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Dragan i Vanja\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\searchplugins\googletranslate.xml
FF Extension: Flash Video Downloader - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\Extensions\artur.dubovoy@gmail.com [2014-01-24]
FF Extension: FVD Speed Dial with Full Online Sync - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\Extensions\pavel.sherbakov@gmail.com [2014-01-31]
FF Extension: Secure Login - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\Extensions\secureLogin@blueimp.net [2013-01-13]
FF Extension: LastPass - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\Extensions\support@lastpass.com [2013-11-28]
FF Extension: DownloadHelper - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-11-23]
FF Extension: Thumbnail Zoom Plus - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2013-02-20]
FF Extension: Torntv - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\Extensions\torntv@torntv.com.xpi [2013-02-04]
FF Extension: Google Translator for Firefox - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\Extensions\translator@zoli.bod.xpi [2013-01-31]
FF Extension: Zoom Page - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\Extensions\zoompage@DW-dev.xpi [2013-02-20]
FF Extension: MouseZoom - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\Extensions\{28FAD68E-4001-48d5-B994-68069F7CFB1D}.xpi [2013-02-20]
FF Extension: Adblock Plus - C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla\Firefox\Profiles\0876mdsi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-26]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-02-01]
FF HKLM-x32\...\Firefox\Extensions: [flashcatch@flashcatch.com] - C:\Program Files (x86)\FlashCatch\firefox
FF Extension: FlashCatch - C:\Program Files (x86)\FlashCatch\firefox [2013-03-04]
FF HKLM-x32\...\Firefox\Extensions: [{10E4285F-D79B-4147-9447-81DFF109A394}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-02-01]
FF HKCU\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Users\Dragan i Vanja\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
FF Extension: TS Magic Player - C:\Users\Dragan i Vanja\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org [2013-05-07]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Google Translate) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-02-08]
CHR Extension: (Quick Bookmarks) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgmnekpakhkbnhehnpkminifbpmkghg [2014-02-08]
CHR Extension: (Bookmarks list from context menu) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkcifdimicnaigofdfmpdiippchcegp [2014-02-08]
CHR Extension: (Google документи) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-10]
CHR Extension: (Google диск) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-10]
CHR Extension: (Embed WMPlayer inline) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamkbfdmckphehgiafpenehgebjgdlli [2014-02-08]
CHR Extension: (YouTube Options) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn [2014-02-08]
CHR Extension: (YouTube) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-10]
CHR Extension: (HIFANA X W+K TOKYO LAB) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmhjjmolopikkbigemoocmebohfpnmkj [2014-02-08]
CHR Extension: (AdThwart Legacy) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpcpblpdkddoicgechaickbldbieccko [2014-02-08]
CHR Extension: (Adblock Plus) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-08]
CHR Extension: (AdBlock+) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao [2014-02-08]
CHR Extension: (Google претрага) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-10]
CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2014-02-08]
CHR Extension: (Gmail ван мреже) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-02-08]
CHR Extension: (Edit This Cookie) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-02-08]
CHR Extension: (AdBlock) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-08]
CHR Extension: (Mail Checker Lite: Nicholas Workshop) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpmpdgciblcggldoiafnecomgiikleah [2014-02-08]
CHR Extension: (LastPass) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-02-08]
CHR Extension: (RealPlayer Downloader) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-11-28]
CHR Extension: (SockshareDownloader) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\inajjmmocfcgeaiplbkboilgldghaphp [2014-02-08]
CHR Extension: (Downloads) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgbalphdbabbndjidpoacmfgjaniipcj [2014-02-08]
CHR Extension: (VLC 4 YouTube (beta)) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldiailifbdkepgpcojllmkbakleicab [2014-02-08]
CHR Extension: (Apps to Bookmark Bar) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpfcdjonlnbjndlilenbbmhdoapbphk [2014-02-08]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2014-02-08]
CHR Extension: (Right click looks up with Wikipedia) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdafdagcmhijfdcpnkdigmnmdkdanjhn [2014-02-08]
CHR Extension: (Redirect adf.ly) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfffmkcdjljajeggjoecedpnepochcfm [2014-02-08]
CHR Extension: (Webcam Toy) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-02-08]
CHR Extension: (Google провера поште) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-02-06]
CHR Extension: (SiteBookmarks) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijccbhecmjbiepdfpbnknpjeiggnomn [2014-02-08]
CHR Extension: (LastPass Vault) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2014-02-08]
CHR Extension: (Google новчаник) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Docs PDF/PowerPoint Viewer (од Google-а)) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-02-08]
CHR Extension: (Topline Bookmark) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnmdjcddokpjcbbpolohloapimajlffe [2014-02-08]
CHR Extension: (ONTV VIDEO Downloader) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\obmebfbgmkcbllhdlegkblcbnkkpkbdb [2014-02-08]
CHR Extension: (VLC Remote) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocjihlfhgfogkibimkhmmblpoihoodmm [2014-02-08]
CHR Extension: (Камера) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmpffnppnlgkgmbgidhhjcglloeejpg [2014-02-08]
CHR Extension: (Vimeo Downloader) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmggbdmadcebmiklfajmbfpdgimdpij [2014-02-08]
CHR Extension: (Color Icons for Gmail) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioomoieildjihcajfoobhhiecjkmfn [2014-02-08]
CHR Extension: (better Browser - for Chrome) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbegekjleoplkhibgbmkmnnfffcpfanh [2014-02-08]
CHR Extension: (Своју ИП адресу) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2014-02-08]
CHR Extension: (Gmail) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-10]
CHR Extension: (Browser QuickLinks) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\plpjogfhobhpdcmcblieglnoooccfcmm [2014-02-08]
CHR Extension: (TED Video Download) - C:\Users\Dragan i Vanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponobohemjmcfbdcjghajlmkenceogaa [2014-02-08]
CHR HKLM-x32\...\Chrome\Extension: [emhbfdblbedhlgenffklmjamlbminina] - C:\Program Files (x86)\WeatherBlink Chrome Extension\bar\WeatherBlink@mindspark.com [2013-01-13]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - C:\Program Files (x86)\LastPass\lpchrome.crx [2013-02-05]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-12-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [974944 2011-08-09] (ESET)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [366640 2011-05-29] (Malwarebytes Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-12-14] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141336 2014-01-28] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2013-12-16] ()

==================== Drivers (Whitelisted) ====================

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27800 2012-11-16] (Avira Operations GmbH & Co. KG)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2011-08-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2011-08-04] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25912 2011-05-29] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-09] (Duplex Secure Ltd.)
S3 vvftav; C:\Windows\System32\drivers\vvftav.sys [300800 2007-06-23] (Vimicro Corporation)
S3 ZSMC0305; C:\Windows\System32\Drivers\usbVM305.sys [1541120 2007-03-08] (Vimicro Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 0E882C155315FF446602D48000441AE4
C:\Windows\System32\DRIVERS\atikmpag.sys 9B918FD1A17385A22BE43AD9EE299BD3
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\Drivers\ssadadb.sys 4DE0D5D747A73797C95A97DCCE5018B5
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW76.sys 4BF5BCA6E2608CD8A00BC4A6673A9F47
C:\Windows\System32\DRIVERS\avkmgr.sys CD0E732347BF09717E0BDDC0C66699AB
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 9AC4F97C2D3E93367E2148EA940CD2CD
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\System32\DRIVERS\eamonm.sys 13533557D01B88C83110D5CF749F14D7
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ehdrv.sys E097728129E7B79BF1089D7AEF42332B
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\epfw.sys 198C6FBC30BBD9632EA051203DCCF204
C:\Windows\System32\DRIVERS\EpfwLWF.sys 56DE463F517710A8AA44EEF82C35B3C9
C:\Windows\System32\DRIVERS\epfwwfp.sys 710B0442BB2F99278D7B8E02A8849C11
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 26C43A7C2862447EC59DEDA188D1DA07
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys 0E154DA6CA9105354A07D0C576804037
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys ED49FD1373DE93617A1F6D128D98FE4D
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys BFFB0C93D9FB43CA42EF11C9240BFF7F
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\drivers\npf.sys C31FA031335EFF434B2D94278E74BCCE
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\Drivers\SmartDefragDriver.sys DD0443BC6CC78A19FD399817F8C51401
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys D6AB7C13FCDD2E4CAC35244D2C172D9A
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssadbus.sys 8F8324ED1DE63FFC7B1A02CD2D963C72
C:\Windows\System32\DRIVERS\ssadmdfl.sys 58221EFCB74167B73667F0024C661CE0
C:\Windows\System32\DRIVERS\ssadmdm.sys 4DA7C71BFAC5AD71255B7E4CAB980163
C:\Windows\System32\DRIVERS\ssadserd.sys D33D1BD3EC0E766211A234F56A12726D
C:\Windows\System32\DRIVERS\ss_bus.sys D21FF3592DAEE244EE8376830A672B52
C:\Windows\System32\DRIVERS\ss_mdfl.sys 451DB3D10E6112E06B4506D4A7BECEC1
C:\Windows\System32\DRIVERS\ss_mdm.sys EF40C8A268A5263A0EF48FED8E57CBED
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\synth3dvsc.sys C3A39C4079305480972D29C44B868C78
C:\Windows\System32\drivers\tcpip.sys DB74544B75566C974815E79A62433F29
C:\Windows\System32\DRIVERS\tcpip.sys DB74544B75566C974815E79A62433F29
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys 2B5BDFF688EC9871D7EC5837833374E9
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50
C:\Windows\system32\drivers\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vvftav.sys CA51FB3A9841F73C8A25B69BDDD457B9
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\Drivers\usbVM305.sys C48A0F1DF0DBA60010748DEC8CC886B4

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-08 16:03 - 2014-02-08 16:04 - 00046144 _____ () C:\Users\Dragan i Vanja\Desktop\FRST.txt
2014-02-08 16:02 - 2014-02-08 16:03 - 00000000 ____D () C:\FRST
2014-02-08 16:00 - 2014-02-08 16:00 - 02079744 _____ (Farbar) C:\Users\Dragan i Vanja\Desktop\FRST64.exe
2014-02-08 15:23 - 2014-02-08 15:23 - 00007292 _____ () C:\Windows\PFRO.log
2014-02-08 14:26 - 2014-02-08 14:26 - 00012460 _____ () C:\Users\Dragan i Vanja\Desktop\attach.txt
2014-02-08 14:26 - 2014-02-08 14:25 - 00020205 _____ () C:\Users\Dragan i Vanja\Desktop\dds.txt
2014-02-08 14:23 - 2014-02-08 14:23 - 00688992 ____R (Swearware) C:\Users\Dragan i Vanja\Desktop\dds.scr
2014-02-08 14:15 - 2014-02-08 14:15 - 00000085 _____ () C:\Windows\wininit.ini
2014-02-08 13:50 - 2014-02-08 14:15 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-08 13:50 - 2014-02-08 13:50 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-08 08:52 - 2014-02-08 15:23 - 00003372 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2024050745-2613658826-3340665874-1000
2014-02-08 08:52 - 2014-02-08 15:23 - 00003256 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2024050745-2613658826-3340665874-1000
2014-02-08 01:35 - 2014-02-08 01:42 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-02-08 01:35 - 2014-02-08 01:35 - 00000000 ____D () C:\ProgramData\Licenses
2014-02-07 23:03 - 2014-02-08 15:23 - 00000448 _____ () C:\Windows\setupact.log
2014-02-07 23:03 - 2014-02-07 23:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-06 00:56 - 2014-02-08 16:01 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 00:56 - 2014-02-08 15:23 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 00:56 - 2014-02-06 00:56 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-06 00:56 - 2014-02-06 00:56 - 00003692 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-05 21:06 - 2014-02-05 21:06 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Nevosoft
2014-02-05 10:41 - 2014-02-05 10:41 - 05556104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-04 23:13 - 2014-02-04 23:13 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Opera Software
2014-02-04 23:13 - 2014-02-04 23:13 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Local\Opera Software
2014-02-03 19:21 - 2014-02-07 18:59 - 00000000 ____D () C:\Users\Administrator\Downloads\The Butler (2013) [1080p]
2014-02-03 19:21 - 2014-02-03 19:21 - 00000000 ____D () C:\Users\Administrator
2014-02-03 07:53 - 2014-02-03 07:53 - 00000940 _____ () C:\Users\Dragan i Vanja\Desktop\µTorrent.lnk
2014-02-03 00:05 - 2014-02-04 12:28 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\8Floor
2014-02-02 21:59 - 2014-02-02 21:59 - 00002790 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-02 02:25 - 2014-02-02 14:36 - 00000000 ____D () C:\Users\Public\Documents\myrealgames
2014-02-01 15:03 - 2014-02-01 15:03 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Local\Emtion
2014-01-31 20:13 - 2014-01-31 20:13 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\SMIGames
2014-01-31 19:35 - 2014-02-06 20:44 - 00000000 ____D () C:\Program Files (x86)\MyRealGames.com
2014-01-29 18:21 - 2014-01-29 18:21 - 00000000 ____D () C:\Users\Dragan i Vanja\Mushroom Age
2014-01-29 17:14 - 2014-02-03 07:37 - 00000000 ____D () C:\Windows\pss
2014-01-29 16:42 - 2014-01-29 16:42 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-01-29 16:42 - 2014-01-29 16:42 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-01-29 00:20 - 2014-02-07 23:04 - 00003394 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2024050745-2613658826-3340665874-1000
2014-01-29 00:20 - 2014-02-07 23:04 - 00003278 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2024050745-2613658826-3340665874-1000
2014-01-28 11:02 - 2014-01-28 11:02 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\DominiGames
2014-01-28 02:25 - 2014-01-28 02:25 - 00001046 _____ () C:\Users\Public\Desktop\RealPlayer Cloud.lnk
2014-01-28 02:23 - 2014-01-28 02:25 - 00000000 ____D () C:\Program Files (x86)\real
2014-01-26 21:51 - 2014-01-26 21:51 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\RealNetworks
2014-01-26 21:51 - 2014-01-26 21:51 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\OpenCandy
2014-01-26 21:50 - 2014-01-26 21:50 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-01-26 15:21 - 2014-01-26 15:29 - 00000391 _____ () C:\Windows\SysWOW64\Partizan.RRI
2014-01-26 15:17 - 2014-01-26 15:17 - 00000000 ___HD () C:\Users\Dragan i Vanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
2014-01-26 15:17 - 2014-01-26 15:17 - 00000000 ____D () C:\Users\Public\Documents\regruninfo
2014-01-26 15:17 - 2014-01-26 15:17 - 00000000 ____D () C:\Program Files (x86)\Greatis
2014-01-25 20:09 - 2014-01-25 20:09 - 00000000 ____D () C:\Users\Dragan i Vanja\Downloads\PREUZIMANJA
2014-01-23 10:30 - 2014-01-23 10:30 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\4 Friends Games
2014-01-21 00:57 - 2014-01-26 15:15 - 00000000 ____D () C:\Users\Dragan i Vanja\Documents\Outlook Files
2014-01-18 22:30 - 2014-01-18 22:30 - 00001023 _____ () C:\Users\Dragan i Vanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
2014-01-16 11:26 - 2014-01-16 11:26 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-01-15 21:20 - 2014-01-15 21:19 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== One Month Modified Files and Folders =======

2014-02-08 16:04 - 2014-02-08 16:03 - 00046144 _____ () C:\Users\Dragan i Vanja\Desktop\FRST.txt
2014-02-08 16:03 - 2014-02-08 16:02 - 00000000 ____D () C:\FRST
2014-02-08 16:03 - 2013-03-01 01:43 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{95B2DE2D-0FF7-4C55-8E16-F73D5C551B00}
2014-02-08 16:02 - 2013-01-13 04:29 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Skype
2014-02-08 16:01 - 2014-02-06 00:56 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-08 16:00 - 2014-02-08 16:00 - 02079744 _____ (Farbar) C:\Users\Dragan i Vanja\Desktop\FRST64.exe
2014-02-08 16:00 - 2013-01-13 00:34 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-02-08 15:54 - 2013-01-13 07:54 - 01269068 _____ () C:\Windows\WindowsUpdate.log
2014-02-08 15:41 - 2013-01-12 23:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-08 15:40 - 2013-08-31 11:35 - 00000964 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2024050745-2613658826-3340665874-1000UA.job
2014-02-08 15:39 - 2013-02-07 18:03 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2024050745-2613658826-3340665874-1000UA.job
2014-02-08 15:30 - 2009-07-14 05:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-08 15:30 - 2009-07-14 05:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-08 15:23 - 2014-02-08 15:23 - 00007292 _____ () C:\Windows\PFRO.log
2014-02-08 15:23 - 2014-02-08 08:52 - 00003372 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2024050745-2613658826-3340665874-1000
2014-02-08 15:23 - 2014-02-08 08:52 - 00003256 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2024050745-2613658826-3340665874-1000
2014-02-08 15:23 - 2014-02-07 23:03 - 00000448 _____ () C:\Windows\setupact.log
2014-02-08 15:23 - 2014-02-06 00:56 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-08 15:23 - 2013-12-15 00:18 - 00002028 _____ () C:\Windows\Tasks\Socksharedownloader V6.0-chromeinstaller.job
2014-02-08 15:23 - 2013-12-15 00:18 - 00001392 _____ () C:\Windows\Tasks\Socksharedownloader V6.0-updater.job
2014-02-08 15:23 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-08 15:11 - 2013-02-17 23:46 - 00000193 _____ () C:\Windows\WORDPAD.INI
2014-02-08 15:06 - 2013-11-22 15:57 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-02-08 15:06 - 2013-03-06 09:58 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Local\Adobe
2014-02-08 14:26 - 2014-02-08 14:26 - 00012460 _____ () C:\Users\Dragan i Vanja\Desktop\attach.txt
2014-02-08 14:25 - 2014-02-08 14:26 - 00020205 _____ () C:\Users\Dragan i Vanja\Desktop\dds.txt
2014-02-08 14:23 - 2014-02-08 14:23 - 00688992 ____R (Swearware) C:\Users\Dragan i Vanja\Desktop\dds.scr
2014-02-08 14:15 - 2014-02-08 14:15 - 00000085 _____ () C:\Windows\wininit.ini
2014-02-08 14:15 - 2014-02-08 13:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-08 13:50 - 2014-02-08 13:50 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-08 13:05 - 2013-11-16 20:03 - 00000406 _____ () C:\Windows\Tasks\update-sys.job
2014-02-08 12:40 - 2013-08-31 11:35 - 00000942 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2024050745-2613658826-3340665874-1000Core.job
2014-02-08 12:11 - 2013-11-16 20:03 - 00000406 _____ () C:\Windows\Tasks\update-S-1-5-21-2024050745-2613658826-3340665874-1000.job
2014-02-08 03:55 - 2013-01-13 01:22 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\uTorrent
2014-02-08 01:42 - 2014-02-08 01:35 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-02-08 01:35 - 2014-02-08 01:35 - 00000000 ____D () C:\ProgramData\Licenses
2014-02-07 23:04 - 2014-01-29 00:20 - 00003394 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2024050745-2613658826-3340665874-1000
2014-02-07 23:04 - 2014-01-29 00:20 - 00003278 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2024050745-2613658826-3340665874-1000
2014-02-07 23:03 - 2014-02-07 23:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-07 22:53 - 2013-01-12 22:58 - 00000000 ____D () C:\Users\Dragan i Vanja
2014-02-07 20:20 - 2013-01-13 12:59 - 00000326 _____ () C:\Windows\Tasks\At5.job
2014-02-07 20:15 - 2013-01-13 12:59 - 00000328 _____ () C:\Windows\Tasks\At4.job
2014-02-07 20:10 - 2013-01-13 12:59 - 00000330 _____ () C:\Windows\Tasks\At3.job
2014-02-07 20:05 - 2013-01-13 12:59 - 00000326 _____ () C:\Windows\Tasks\At2.job
2014-02-07 19:00 - 2013-12-24 00:10 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\StolenSecrets
2014-02-07 19:00 - 2013-01-13 12:59 - 00000332 _____ () C:\Windows\Tasks\At1.job
2014-02-07 18:59 - 2014-02-03 19:21 - 00000000 ____D () C:\Users\Administrator\Downloads\The Butler (2013) [1080p]
2014-02-07 07:39 - 2013-02-07 18:03 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2024050745-2613658826-3340665874-1000Core.job
2014-02-06 20:44 - 2014-01-31 19:35 - 00000000 ____D () C:\Program Files (x86)\MyRealGames.com
2014-02-06 20:11 - 2013-01-13 18:13 - 00000000 ___RD () C:\Users\Dragan i Vanja\Desktop\BROWSER
2014-02-06 02:33 - 2009-07-14 06:13 - 00785302 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-06 00:56 - 2014-02-06 00:56 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-06 00:56 - 2014-02-06 00:56 - 00003692 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-06 00:56 - 2013-01-12 23:29 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-05 21:06 - 2014-02-05 21:06 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Nevosoft
2014-02-05 12:35 - 2009-07-14 06:08 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-05 10:41 - 2014-02-05 10:41 - 05556104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-05 10:41 - 2013-01-12 23:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 10:41 - 2013-01-12 23:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 10:41 - 2013-01-12 23:33 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 23:13 - 2014-02-04 23:13 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Opera Software
2014-02-04 23:13 - 2014-02-04 23:13 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Local\Opera Software
2014-02-04 23:13 - 2013-01-12 23:40 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-02-04 12:28 - 2014-02-03 00:05 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\8Floor
2014-02-03 19:21 - 2014-02-03 19:21 - 00000000 ____D () C:\Users\Administrator
2014-02-03 07:53 - 2014-02-03 07:53 - 00000940 _____ () C:\Users\Dragan i Vanja\Desktop\µTorrent.lnk
2014-02-03 07:37 - 2014-01-29 17:14 - 00000000 ____D () C:\Windows\pss
2014-02-03 07:37 - 2013-01-12 22:58 - 00000000 ___RD () C:\Users\Dragan i Vanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-02 22:04 - 2013-01-13 18:07 - 00000000 ___RD () C:\Users\Dragan i Vanja\Desktop\ČIŠĆENJE
2014-02-02 21:59 - 2014-02-02 21:59 - 00002790 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-02 21:59 - 2013-01-13 00:15 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-02 14:36 - 2014-02-02 02:25 - 00000000 ____D () C:\Users\Public\Documents\myrealgames
2014-02-02 02:04 - 2013-03-04 22:28 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Funlinker
2014-02-02 01:28 - 2013-03-15 23:25 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\PoBros
2014-02-02 01:28 - 2013-03-15 23:25 - 00000000 ____D () C:\ProgramData\PoBros
2014-02-01 15:03 - 2014-02-01 15:03 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Local\Emtion
2014-01-31 20:13 - 2014-01-31 20:13 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\SMIGames
2014-01-31 07:41 - 2013-01-13 01:47 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Adobe
2014-01-29 18:21 - 2014-01-29 18:21 - 00000000 ____D () C:\Users\Dragan i Vanja\Mushroom Age
2014-01-29 17:50 - 2013-02-22 11:46 - 00000000 ____D () C:\Program Files (x86)\GameTop.com
2014-01-29 16:47 - 2013-01-12 23:31 - 00000000 ____D () C:\ProgramData\Adobe
2014-01-29 16:42 - 2014-01-29 16:42 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-01-29 16:42 - 2014-01-29 16:42 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-01-29 16:42 - 2013-03-06 09:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-29 16:36 - 2013-02-09 01:01 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-01-29 16:35 - 2013-01-12 23:33 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-01-29 15:55 - 2013-07-15 17:10 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Local\Apple Computer
2014-01-28 19:34 - 2013-09-26 16:59 - 00000000 ____D () C:\ProgramData\Meridian93
2014-01-28 19:07 - 2013-09-26 16:59 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Meridian93
2014-01-28 11:02 - 2014-01-28 11:02 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\DominiGames
2014-01-28 02:25 - 2014-01-28 02:25 - 00001046 _____ () C:\Users\Public\Desktop\RealPlayer Cloud.lnk
2014-01-28 02:25 - 2014-01-28 02:23 - 00000000 ____D () C:\Program Files (x86)\real
2014-01-28 02:24 - 2013-12-28 11:22 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-01-28 02:24 - 2013-12-28 11:22 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-01-28 02:23 - 2013-12-12 18:54 - 00353864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-01-28 02:23 - 2013-01-12 23:25 - 00505416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-01-28 01:51 - 2013-02-03 02:16 - 00003414 _____ () C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2024050745-2613658826-3340665874-1000
2014-01-28 01:37 - 2013-02-11 22:13 - 00000000 ____D () C:\Program Files\Unlocker
2014-01-28 01:29 - 2013-01-13 01:22 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2014-01-27 04:25 - 2013-04-16 09:24 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\vlc
2014-01-27 04:25 - 2013-03-20 17:19 - 00000000 ____D () C:\Users\Dragan i Vanja\.smplayer
2014-01-27 04:25 - 2013-02-05 11:13 - 00000000 ____D () C:\ProgramData\Real
2014-01-27 04:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-01-27 04:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-01-27 01:21 - 2013-02-28 12:15 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Awem
2014-01-27 00:39 - 2013-01-12 23:28 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Mozilla
2014-01-26 21:56 - 2013-11-17 01:44 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-26 21:51 - 2014-01-26 21:51 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\RealNetworks
2014-01-26 21:51 - 2014-01-26 21:51 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\OpenCandy
2014-01-26 21:51 - 2013-02-05 10:43 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Real
2014-01-26 21:50 - 2014-01-26 21:50 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-01-26 21:50 - 2013-11-28 23:22 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-01-26 15:29 - 2014-01-26 15:21 - 00000391 _____ () C:\Windows\SysWOW64\Partizan.RRI
2014-01-26 15:17 - 2014-01-26 15:17 - 00000000 ___HD () C:\Users\Dragan i Vanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
2014-01-26 15:17 - 2014-01-26 15:17 - 00000000 ____D () C:\Users\Public\Documents\regruninfo
2014-01-26 15:17 - 2014-01-26 15:17 - 00000000 ____D () C:\Program Files (x86)\Greatis
2014-01-26 15:15 - 2014-01-21 00:57 - 00000000 ____D () C:\Users\Dragan i Vanja\Documents\Outlook Files
2014-01-25 20:09 - 2014-01-25 20:09 - 00000000 ____D () C:\Users\Dragan i Vanja\Downloads\PREUZIMANJA
2014-01-23 10:30 - 2014-01-23 10:30 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\4 Friends Games
2014-01-19 06:21 - 2013-11-29 06:19 - 00000402 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Dragan i Vanja.job
2014-01-19 05:21 - 2013-11-29 06:19 - 00000406 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Dragan i Vanja.job
2014-01-18 22:30 - 2014-01-18 22:30 - 00001023 _____ () C:\Users\Dragan i Vanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
2014-01-18 22:07 - 2013-04-17 19:02 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\.Torrent Stream
2014-01-17 10:42 - 2014-01-07 01:13 - 00000000 ____D () C:\AdwCleaner
2014-01-16 11:26 - 2014-01-16 11:26 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-01-16 11:26 - 2013-02-26 17:38 - 00000000 ____D () C:\Users\Dragan i Vanja\AppData\Roaming\Foxit Software
2014-01-16 11:26 - 2013-02-16 21:30 - 00000000 ___RD () C:\Users\Dragan i Vanja\Desktop\TEXT
2014-01-15 21:20 - 2013-09-17 23:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-15 21:19 - 2014-01-15 21:20 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-15 21:19 - 2013-10-19 19:38 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-15 21:19 - 2013-10-19 19:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-15 21:19 - 2013-10-19 19:38 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 21:19 - 2013-03-13 22:54 - 00000000 ____D () C:\Program Files (x86)\Java

Files to move or delete:
====================
C:\ProgramData\C__Program Files (x86)_WebcamMax_wcmmon.exe
C:\ProgramData\C__Program Files (x86)_WebcamMax_webcammax.exe
C:\ProgramData\Installer.exe
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At5.job


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=C:
path \bootmgr
description Windows Boot Manager
locale sr-CYRL-CS
inherit {globalsettings}
default {current}
resumeobject {87c1fabc-5d4d-11e2-aebf-a0dfe0ff001b}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale sr-CYRL-CS
inherit {bootloadersettings}
recoverysequence {87c1fabe-5d4d-11e2-aebf-a0dfe0ff001b}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {87c1fabc-5d4d-11e2-aebf-a0dfe0ff001b}
nx OptIn

Windows Boot Loader
-------------------
identifier {87c1fabe-5d4d-11e2-aebf-a0dfe0ff001b}
device ramdisk=[C:]\Recovery\87c1fabe-5d4d-11e2-aebf-a0dfe0ff001b\Winre.wim,{87c1fabf-5d4d-11e2-aebf-a0dfe0ff001b}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\87c1fabe-5d4d-11e2-aebf-a0dfe0ff001b\Winre.wim,{87c1fabf-5d4d-11e2-aebf-a0dfe0ff001b}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {87c1fabc-5d4d-11e2-aebf-a0dfe0ff001b}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale sr-CYRL-CS
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale sr-CYRL-CS
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {87c1fabf-5d4d-11e2-aebf-a0dfe0ff001b}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\87c1fabe-5d4d-11e2-aebf-a0dfe0ff001b\boot.sdi



LastRegBack: 2014-02-08 10:57

==================== End Of Log ============================

Dopuna: 08 Feb 2014 16:15

mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.

SearchScopes: HKCU - {2158996A-B7F6-4702-ABA7-0336CC0A100F} URL = http://startsear.ch/?src=sp&aff=67&cf=ab14.....4ed&q={searchTerms}
C:\ProgramData\C__Program Files (x86)_WebcamMax_wcmmon.exe
C:\ProgramData\C__Program Files (x86)_WebcamMax_webcammax.exe
C:\ProgramData\Installer.exe
Task: {74F1C52B-7AE8-4BF6-B311-27238E21EB65} - \Scheduled Update for Ask Toolbar No Task File
Task: {F8F21297-D49F-42E7-B11D-BE06F78ED964} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {C6A3C076-785A-491E-8C08-38ABD2D51000} - System32\Tasks\At1 => c:\windows\java_is1.exe
Task: {A2AC6AC0-83D8-44E8-8444-D00F63ABA813} - System32\Tasks\At2 => c:\windows\cpdat.exe
Task: {B3CF7603-01A1-45C4-8D66-7C2EDC55EDAE} - System32\Tasks\At3 => c:\windows\pfbstar.exe
Task: {9CF2BA85-F7A7-47E8-92EC-0B89F9666FDB} - System32\Tasks\At4 => c:\windows\digtss.exe
Task: {0E25D216-8598-4162-9467-C990E97B7355} - System32\Tasks\At5 => c:\windows\ptw32.exe


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt). Potrebno je da sadržaj fixlog.txt kopiraš na forum

offline
  • Pridružio: 09 Avg 2008
  • Poruke: 80

Ovo mi izlazi kada hocu da pritisnem na Fix

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Koliko vidim, fixlist je snimljen bez ekstenzije u imenu fajla. Klikni desnim tasterom miša na fixlist, idi na Rename pa dodaj .txt u ime fajla.

Probaj opet da u FRST64 klikneš na Fix.

offline
  • Pridružio: 09 Avg 2008
  • Poruke: 80

Napisano: 08 Feb 2014 18:08

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2014
Ran by Dragan i Vanja at 2014-02-08 18:05:09 Run:1
Running from C:\Users\Dragan i Vanja\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************

SearchScopes: HKCU - {2158996A-B7F6-4702-ABA7-0336CC0A100F} URL = startsear.ch/?src=sp&aff=67&cf=ab14.....4ed&q={searchTerms}
C:\ProgramData\C__Program Files (x86)_WebcamMax_wcmmon.exe
C:\ProgramData\C__Program Files (x86)_WebcamMax_webcammax.exe
C:\ProgramData\Installer.exe
Task: {74F1C52B-7AE8-4BF6-B311-27238E21EB65} - \Scheduled Update for Ask Toolbar No Task File
Task: {F8F21297-D49F-42E7-B11D-BE06F78ED964} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {C6A3C076-785A-491E-8C08-38ABD2D51000} - System32\Tasks\At1 => c:\windows\java_is1.exe
Task: {A2AC6AC0-83D8-44E8-8444-D00F63ABA813} - System32\Tasks\At2 => c:\windows\cpdat.exe
Task: {B3CF7603-01A1-45C4-8D66-7C2EDC55EDAE} - System32\Tasks\At3 => c:\windows\pfbstar.exe
Task: {9CF2BA85-F7A7-47E8-92EC-0B89F9666FDB} - System32\Tasks\At4 => c:\windows\digtss.exe
Task: {0E25D216-8598-4162-9467-C990E97B7355} - System32\Tasks\At5 => c:\windows\ptw32.exe

*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2158996A-B7F6-4702-ABA7-0336CC0A100F} => Key deleted successfully.
HKCR\CLSID\{2158996A-B7F6-4702-ABA7-0336CC0A100F} => Key not found.
C:\ProgramData\C__Program Files (x86)_WebcamMax_wcmmon.exe => Moved successfully.
C:\ProgramData\C__Program Files (x86)_WebcamMax_webcammax.exe => Moved successfully.
C:\ProgramData\Installer.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74F1C52B-7AE8-4BF6-B311-27238E21EB65} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74F1C52B-7AE8-4BF6-B311-27238E21EB65} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F8F21297-D49F-42E7-B11D-BE06F78ED964} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8F21297-D49F-42E7-B11D-BE06F78ED964} => Key deleted successfully.
C:\Windows\System32\Tasks\YourFile DownloaderUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile DownloaderUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6A3C076-785A-491E-8C08-38ABD2D51000} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6A3C076-785A-491E-8C08-38ABD2D51000} => Key deleted successfully.
C:\Windows\System32\Tasks\At1 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At1 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2AC6AC0-83D8-44E8-8444-D00F63ABA813} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2AC6AC0-83D8-44E8-8444-D00F63ABA813} => Key deleted successfully.
C:\Windows\System32\Tasks\At2 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At2 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3CF7603-01A1-45C4-8D66-7C2EDC55EDAE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3CF7603-01A1-45C4-8D66-7C2EDC55EDAE} => Key deleted successfully.
C:\Windows\System32\Tasks\At3 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At3 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CF2BA85-F7A7-47E8-92EC-0B89F9666FDB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CF2BA85-F7A7-47E8-92EC-0B89F9666FDB} => Key deleted successfully.
C:\Windows\System32\Tasks\At4 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At4 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E25D216-8598-4162-9467-C990E97B7355} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E25D216-8598-4162-9467-C990E97B7355} => Key deleted successfully.
C:\Windows\System32\Tasks\At5 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At5 => Key deleted successfully.

==== End of Fixlog ====

Dopuna: 08 Feb 2014 18:15

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2014
Ran by Dragan i Vanja at 2014-02-08 18:12:52 Run:2
Running from C:\Users\Dragan i Vanja\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - {2158996A-B7F6-4702-ABA7-0336CC0A100F} URL = startsear.ch/?src=sp&aff=67&cf=ab14.....4ed&q={searchTerms}
C:\ProgramData\C__Program Files (x86)_WebcamMax_wcmmon.exe
C:\ProgramData\C__Program Files (x86)_WebcamMax_webcammax.exe
C:\ProgramData\Installer.exe
Task: {74F1C52B-7AE8-4BF6-B311-27238E21EB65} - \Scheduled Update for Ask Toolbar No Task File
Task: {F8F21297-D49F-42E7-B11D-BE06F78ED964} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {C6A3C076-785A-491E-8C08-38ABD2D51000} - System32\Tasks\At1 => c:\windows\java_is1.exe
Task: {A2AC6AC0-83D8-44E8-8444-D00F63ABA813} - System32\Tasks\At2 => c:\windows\cpdat.exe
Task: {B3CF7603-01A1-45C4-8D66-7C2EDC55EDAE} - System32\Tasks\At3 => c:\windows\pfbstar.exe
Task: {9CF2BA85-F7A7-47E8-92EC-0B89F9666FDB} - System32\Tasks\At4 => c:\windows\digtss.exe
Task: {0E25D216-8598-4162-9467-C990E97B7355} - System32\Tasks\At5 => c:\windows\ptw32.exe



*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2158996A-B7F6-4702-ABA7-0336CC0A100F} => Key not found.
HKCR\CLSID\{2158996A-B7F6-4702-ABA7-0336CC0A100F} => Key not found.
"C:\ProgramData\C__Program Files (x86)_WebcamMax_wcmmon.exe" => File/Directory not found.
"C:\ProgramData\C__Program Files (x86)_WebcamMax_webcammax.exe" => File/Directory not found.
"C:\ProgramData\Installer.exe" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74F1C52B-7AE8-4BF6-B311-27238E21EB65} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8F21297-D49F-42E7-B11D-BE06F78ED964} => Key not found.
C:\Windows\System32\Tasks\YourFile DownloaderUpdate not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile DownloaderUpdate => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6A3C076-785A-491E-8C08-38ABD2D51000} => Key not found.
C:\Windows\System32\Tasks\At1 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At1 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2AC6AC0-83D8-44E8-8444-D00F63ABA813} => Key not found.
C:\Windows\System32\Tasks\At2 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At2 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3CF7603-01A1-45C4-8D66-7C2EDC55EDAE} => Key not found.
C:\Windows\System32\Tasks\At3 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At3 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CF2BA85-F7A7-47E8-92EC-0B89F9666FDB} => Key not found.
C:\Windows\System32\Tasks\At4 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At4 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E25D216-8598-4162-9467-C990E97B7355} => Key not found.
C:\Windows\System32\Tasks\At5 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At5 => Key not found.

==== End of Fixlog ====

Dopuna: 08 Feb 2014 18:16

Vise ne znam sta radim, zaludeo sam sta kopiram i sta saljem.

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Kakvo je sada stanje sistema?

offline
  • Pridružio: 09 Avg 2008
  • Poruke: 80

Da li sam poslao tacno sve sto ste trazili?

Ko je trenutno na forumu
 

Ukupno su 989 korisnika na forumu :: 36 registrovanih, 11 sakrivenih i 942 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: aleksmajstor, Andrija357, bojank, Brana01, bufanje, darkangel, Dimitrise93, FOX, Georgius, Kubovac, ljuba, mackenzie, menges, mercedesamg, mihajlo.hrin, milanovic, moldway, nemkea71, nextyamb, opt1, pacika, procesor, royst33, Sirius, SlaKoj, slonic_tonic, solic, srbijaiznadsvega, Srki94, tmanda323, Valter071, vladaa012, voja64, YU-UKI, Yugol33, Čivi